﻿using System.Linq;
using System.Net;
using System.Web.Mvc;
using PhotoBlog.Core.Models;
using PhotoBlog.Core.Models.Albums;
using PhotoBlog.Models.Users;

namespace PhotoBlog.Controllers
{
    public class AlbumController : Controller
    {
        private readonly IAlbumRepository albumRepository;
        private readonly IUserRepository userRepository;
        public AlbumController(IAlbumRepository albumRepository, IUserRepository userRepository)
        {
            this.albumRepository = albumRepository;
            this.userRepository = userRepository;
        }

        [Authorize]
        public ActionResult Index()
        {
            var isAdmin = userRepository.UserIsAdmin(User.Identity.Name);
            if (!isAdmin)
            {
                return View("_Layout");
            }
            var albums = albumRepository.GetAlbums(withHidden: true).ToList();
            return View(albums);
        }

        [Authorize(Users = "admin")]
        public ActionResult Create()
        {
            return View();
        }

        // POST: /Album/Create
        // To protect from overposting attacks, please enable the specific properties you want to bind to, for 
        // more details see http://go.microsoft.com/fwlink/?LinkId=317598.
        [HttpPost]
        [ValidateAntiForgeryToken]
        [Authorize]
        public ActionResult Create([Bind(Include = "AlbumId,AlbumName,Description,Hide")] Album album)
        {
            var isAdmin = userRepository.UserIsAdmin(User.Identity.Name);
            if (!isAdmin)
            {
                return View("_Layout");
            }
            if (ModelState.IsValid)
            {
                var user = userRepository.GetUserByLogin(User.Identity.Name);
                album.UserId = user.UserId;
                albumRepository.Add(album);
                return RedirectToAction("Index");
            }

            return View(album);
        }

        [Authorize]
        public ActionResult Edit(int? id)
        {
            var isAdmin = userRepository.UserIsAdmin(User.Identity.Name);
            if (!isAdmin)
            {
                return View("_Layout");
            }
            if (id == null)
            {
                return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
            }
            var album = albumRepository.Find(id.Value);
            if (album == null)
            {
                return HttpNotFound();
            }
            return View(album);
        }

        // POST: /Album/Edit/5
        // To protect from overposting attacks, please enable the specific properties you want to bind to, for 
        // more details see http://go.microsoft.com/fwlink/?LinkId=317598.
        [HttpPost]
        [ValidateAntiForgeryToken]
        [Authorize]
        public ActionResult Edit([Bind(Include = "AlbumId,AlbumName,Description,Hide,Logo,UserId")] Album album)
        {
            var isAdmin = userRepository.UserIsAdmin(User.Identity.Name);
            if (!isAdmin)
            {
                return View("_Layout");
            }
            if (ModelState.IsValid)
            {
                albumRepository.Save(album);
                return RedirectToAction("Index");
            }
            return View(album);
        }

        [Authorize]
        public ActionResult Delete(int? id)
        {
            var isAdmin = userRepository.UserIsAdmin(User.Identity.Name);
            if (!isAdmin)
            {
                return View("_Layout");
            }
            if (id == null)
            {
                return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
            }
            var album = albumRepository.Find(id.Value);
            if (album == null)
            {
                return HttpNotFound();
            }
            return View(album);
        }

        [HttpPost, ActionName("Delete")]
        [ValidateAntiForgeryToken]
        [Authorize]
        public ActionResult DeleteConfirmed(int id)
        {
            var isAdmin = userRepository.UserIsAdmin(User.Identity.Name);
            if (!isAdmin)
            {
                return View("_Layout");
            }
            albumRepository.Delete(id);
            return RedirectToAction("Index");
        }
    }
}
